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REMARKS 

The following remarks are made in response to the Office Action mailed May 2, 
2006, Claims 1, 3, 4, 6-13, IS, 16 and 18-24 were rejected. With this Response, claims 1, 3- 
4, 13, and 15-16 have been amended, Claims 1, 3, 4, 6-13, 15, 16, and 18-24 remain pending 
in the application and are presented for reconsideration and allowance. 

Claim Rejections under 35 ILS-C S 112 

The Examiner rejected claims 1 and 13 under 35 U.S.C. & 1 12, first paragraph, as 
failing to comply with the written description requirement. 

Applicant respectfully summits that previous independent claims 1 and 13 contained 
the limitation that the short-term certificate "is not subject to revocation prior to the 
expiration date/time" which was supported throughout the present specification, such as at 
page 6, line 25 through page 7, line 2; at page 18, line 31 through page 19, line 1; and at page 
20, lines 28-31, which clearly discloses that embodiments of the invention employ a short- 
term certificate that is never subject to revocation, thus the short-term certificate "is not 
subject to revocation prior to the expiration date/time." Nonetheless, as clarified, amended 
independent claims 1 and 13 clearly recite that the short-term certificate "is never subject to 
revocation." Accordingly, amended independent claims 1 and 13 are clearly supported by the 
present specification. 

Therefore, Applicant respectfully requests that the rejection to claims 1 and 13 under 
35 U.S.C. § 112, first paragraph be withdrawn and that these claims be allowed. 

The Examiner rejected claims 1, 3, 4, 13, 15 and 16 under 35 U.S.C. § 112, second 
paragraph, as being indefinite for failing to particularly point out and distinctly claim the 
subject matter which Applicants regard as the invention. Specifically, the Examiner 
requested clarification of the phrase "date/time." 

Amended claims 1, 3, 4, 13, 15 and 16 now clearly recite at least one of an expiration 

date and an expiration time. 

The Examiner rejected claims 4 and 16 under 35 U.S.C. § 112* second paragraph, as 
being indefinite for failing to particularly point out and distinctly claim the subject matter 
which Applicants regard as the invention. Specifically, the Examiner requested clarification 
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of the phrase "wherein the expiration date/time of the short-term certificate is no later than a 
date/time at which a next CRL is scheduled." 

Amended claims 4 and 16 now clearly recite "wherein the at least one of expiration 
date and expiration time of the short-term certificate is before the CRL is next scheduled to 
be updated." 

In view of the above, claims 1, 3, 4, 13, 15 and 16 are believed to be in form for 
allowance. Therefore, Applicants respectfully request lhat rejections to these claims under 3 
U.S.C. § 1 12, second paragraph, be reconsidered, and that the rejections be removed and 
these claims be allowed. 



Claim Rejections under 35 U.S.C. 8 103 

The Examiner rejected claims 1, 3, 6, 8, 10, 13. 15, 18, 20, and 22 under 35 U.S.C. § 
103 as being unpatentable over the Riggins et al. U.S. Patent No. 6,233,341 in view of the 
Butt et al. U.S. Patent No. 6,754,829. 

The Examiner rejected claims 4 and 16 under 35 U.S.C. § 103 as being unpatentable 
over the Riggins et al. U.S. Patent No. 6,233,341 in view of the Butt et al. U.S. Patent No. 
6,754,829 in view of the Naor U.S. Patent No. 6,226,743 

The Examiner rejected claims7, 9, 19 and 21 under 35 U.S.C. § 103 as being 
unpatentable over tine Riggins et al. U.S. Patent No. 6,233,341 in view of the Butt et al. U.S. 
Patent No. 6,754,829 in view of the Howell U.S. Patent No. 5,276,901. 

The Examiner rejected claims 1 1 and 23 under 35 U.S.C. § 103 as being unpatentable 
over the Riggins et nl. U.S. Patent No, 6,233,341 in view of the Butt et al. U.S. Patent No. 
6,754,829 in view of the Maruyama U.S. Patent No. 6,393,563. 

The Examiner rejected claims 12 and 24 under 35 U.S.C. § 103 as being unpatentable 
over the Riggins et al. U.S. Patent No. 6,233.341 in view of the Butt et al. U.S. Patent No. 
6,754,829 in view of the Kausik U.S. Patent No. 6,263,446. 

The Examiner admits that the Riggins patent does not teach a short-term certificate 
that is not subject to revocation prior to expiration. Thus, the Riggins patent does not teach 
or suggest the limitations of amended independent claims 1 and 13 that the short-term 
certificate "is never subject to revocation." The Examiner cites that Butt et al. patent to teach 
short lived certificates that removes the need for revocation, 
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The combination of the Riggins patent and the Butt el al. patent, however, does not 
teach or suggest the limitations of amended independent claims 1 and 13 of the short-term 
certificate including at least one of an expiration date and an expiration time and is never 
subject to revocation. The Riggins patent at column 3, lines 17-19 states that "(temporary 
certificates can safely be installed because they expire quickly and can be revoked when the 
user leaves the remole site." and as stated at column 14, lines 46-48 "the secure 
communications engine 147 determines if the temporary certificate 400 has expired or 
whether the user has logged out." Thus, in the Riggins system that uses a temporary 
certificate at a remote site, the system requires that when the user logs out of the remote site 
that the temporary certificate is revoked. 

The Butt el al. patent discloses beginning at column 9, line 32 that the core only 
grants session certificates to authenticated operators, and session certificates are created on- 
the-fly, and then destroyed once an operator's session with the manageable device has 
terminated, and that once a console session terminates the certificate (and its private key) is 
automatically lost. 

Thus, in the Riggins system that uses a temporary certificate at a remote site, the 
system requires that when the user logs out of the remote site that the temporary certificate is 
revoked and in the Butt et al. patent the session certificate is destroyed and the certificate 
(and its private key) is automatically lost once the session terminates. By contrast, with the 
invention claimed in amended independent claims 1 and 13. when a session terminates or 
when a user logs out of a remote site, as long as the at least one of an expiration date and an 
expiration time has not expired, the short-term certificate can still be used. 

Furthermore, there is no teaching or suggestion to combine teaching of the Butt et al. 
patent with the Riggins patent to arrive at the invention claimed in amended independent 
claims 1 and 13. In fact, Riggins teaches away from a short-term certificate that is never 
subject to revocation as recited in amended independent claims 1 and 13. For example in the 
Abstract, the Riggins patent specifically states that "[t]he web server engine maintains a 
revocation list that contains information identifying revoked temporary certificates, so that a 
revoked but thus far unexpired certificate can not be improperly used. The web site reviews 
the temporary certificate for authenticity and contacts the global server site to review the 
revocation list and determine whether the temporary certificate has been revoked." 
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There is also no reasonable expectation of success for this suggested combination as 
stated in the Riggins patent at column 3, lines 17-19 "[temporary certificates can safely be 
installed because they expire quickly and can be revoked when the user leaves the remote 
site." and as stated at column 14, lines 46-48 "the secure communications engine 147 
determines if the temporary certificate 400 has expired or whether the user has logged out." 
Thus, in the Riggins system that uses a temporary certificate at a remote site, the system 
requires that when the user logs out of the remote site that the temporary certificate is 
revoked. Thus, there would be no reasonable expectation success if such capabilities would 
be removed from the Riggins system. 

Furthermore, the Examiner does not cite a reference for a directory for storing short- 
term authorization information related to the user as recited in amended independent claim 1 . 
The Examiner states that the Riggins patent docs not specifically disclose short tern 
authorization information related to a user. Therefore, the Riggins patent does not teach 
or suggest a directory for storing short-term authorization information related to the user, 
as recited in amended independent claim 1. Moreover, the Riggins patent also does not teach 
a short-term certificate binding the public key of the user to long-term identification 
information related to the user from the long-term certificate and to the short-term 
authorization information related to the user from the directory as recited in amended 
independent claim 1 . 

The Examiner cites the Butt et al. patent for teaching short-term authorization 
information related to the user. However, the Butt et al. patent discloses beginning at column 
9, line 58 one embodiment having a field indicating unbound access privileges, which is 
inserted by the core/certificate authority if the core determines that a "super user" attribute 
should be inserted. Thus, field indicating unbound access privileges is not stored in a 
directory. Thus, the Butt et al. patent does not teach or suggest a directory for storing short- 
term authorization information related to the user, as recited in amended independent claim 1. 
Moreover, the Butt et al. patent also does not teach a short-term certificate binding the public 
key of the user to long-term identification information related to the user from the long-term 
certificate and to the short-term authorization information related to the user from the 
directory as recited in amended independent claim 1. 
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One advantage of an embodiment of the invention having the short-term authorization 
information stored in a directory is disclosed in the present specification at page 1 J lines 1-5 
which states: 

In one embodiment, credentials server 44 obtains the short-term 
information data needed to issue the short-term certificates from LDAP 
directory 42. In this embodiment, since credentials server 44 does not 
contain this short-term information data, credentials server 44 is easily 
replicated within public key authorization infrastructure 30 for 
increased performance. 

In view of the above, the combination of the Riggins patent, and the Butt et al. patent 
does not establish any of the three basic criteria of a prima facie case of obviousness (See 
MPEP 2143) toward amended independent claims 1 and 13. 

Dependent claims 3, 4, and 6-12 are allowable as depending from an allowable base 
claim (claim 1) and are allowable on further independent grounds in view of the novel and 
nonobvious features and combinations set for therein. Dependent claims 15, 16. and 18-24 
are allowable as depending from an allowable base claim (claim 13) and are allowable on 
further independent grounds in view of the novel and nonobvious features and combinations 
set forth therein. 

Therefore, Applicants respectfully request reconsideration and withdrawal of the 35 
U.S.C § 103 rejection to claims 1, 3, 4, 6-13, 15, 16, and 18-24, and request allowance of 
these claims. 

CONCLUSION 

In view of the above, Applicant respectfully submits that pending claims 1,3,4, 6-13, 
15, 16, and 18-24 are in form for allowance and are not taught or suggested by the cited 
references. Therefore, reconsideration and withdrawal of the rejections and allowance of 
claims 1, 3, 4, 6-13, 15, 16, and 18-24 is respectfully requested. 

No fees are required under 37 C.F.R. 1 . 16(h)(i). However, if such fees are required, 
the Patent Office is hereby authorized to charge Deposit Account No. 08-2025. 

The Examiner is invited to contact the Applicant's representative at the below-listed 
telephone numbers to facilitate prosecution of this application. 
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Any inquiry regarding this Response should be directed to either Patrick G, Billig at 
the below-listed telephone numbers or Kevin Hart at Telephone No. (970) 898-7057, 
Facsimile No. (970) 898-7247. In addition, all correspondence should continue to be directed 
to the following address: 

Hewlett-Packard Company 

Intellectual Property Administration 
P.O. Box 272400 

Fort Collins, Colorado 80527-2400 



Date: 
PGB:cmj:dmw 



Respectfully submitted, 
Francisco Corella, 
By his attorneys, 

DICKE, BILLIG & CZAJA, PLLC 
Fifth Street Towers, Suite 2250 
100 South Fifth Street 
Minneapolis, MN 55402 
Telephone: (612) 573-2003 
Facsimile:£61_2) 573-2005 




3> 



PatrKk G. Billig 
Reg. No. 38,080 



^TfTTfrATP HNDF R 37 C.F.R. 1.8 : The undersigned hereby certifies that ihis paper or papers, as described herein, 
are being transmitted via facsimile to Facsimile No. (703) 872-9306 onttisT day of September 2006. 




Patrick G. Billig 
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